Exchange SMTP, SMTPs and SMTP-STARTTLS on one VIP?

0

Hi et al,

 

I have a new LoadMaster 7.2.50 running in front of Exchange Servers 2016. The LoadMaster is placed in the DMZ with a one-armed setup. Everything is working so far except SMTP in combination with SMTPs and SMTP-STARTTLS. We need all three SMTP connection because of different clients running in the network. With direct client connections to the Exchange Servers this is working but over the Load Blancer we cant find a working setup. We want to use only one VIP for all clients so that we dont have to care about different "SMTP-Targets" on the clients.

So my question is: Is it possible to run SMTP, SMTPs and SMTP-STARTTLS on one VIP?

 

Best,

Thilo

2 comments

Avatar
0
Nick Smylie

Hi @thilo.hausmann

Are you using different ports for SMTP, SMTPs and the STARTTLS?

For regular SMTP and STARTTLS you should be able to use one VIP.  When you set the service type to STARTTLS you can use a STARTTLS mode as either 'if requested' or 'always'.  'If requested means if the client sends the STARTTLS request the LoadMaster will handle it accordingly, 'always' means it will be expecting it, and if it does not get it, it will fail.  In my experience not many people use the 'always' method.

Now for the SMTPs if you are using port 587 you can configure a separate VIP but use the same IP as your other one.  On the LoadMaster you can have multiple IPs for VIPs with different port combinations.  

If you need more assistance Kemp support is always available to help and I can open up a ticket for you if you'd like.

Avatar
0
thilo.hausmann

Hi Nick,

thank you for your replay.

Currently we have only port 25 configured on our Exchange Servers. And on the Receive Connector we have TLS, Basic Auth with offer basic auth enabled.

 

I will try STARTTLS mode with 'if requested'.